package com.sxds.wn.security;

import com.sxds.wn.exception.DataAccessException;
import com.sxds.wn.security.dto.User;

/**
 * Description: <p>认证授权服务接口实现</p>
 * Content Desc:<p>提供判断用户是否合法，用户是否有权限<p>
 * Copy Right of Personal Tangtao 2007-2020
 * @author Andy
 * @version 1.0 Create Date:@2008-11-11
 */
public class SecurityServiceImpl implements SecurityService {

	//密码检验接口
	private PasswordEncryptProvider passwordEncrypt;
	//用户数据访问接口
	private UserDao userDao;

	/**
	 * @return the passwordEncrypt
	 */
	public PasswordEncryptProvider getPasswordEncrypt() {
		return passwordEncrypt;
	}

	
	/**
	 * @return the userDao
	 */
	public UserDao getUserDao() {
		return userDao;
	}

	/**
	 * @param userDao the userDao to set
	 */
	public void setUserDao(UserDao userDao) {
		this.userDao = userDao;
	}

	public User authenticationUser(User user) throws SecurityException,DataAccessException {
		User persistUser = userDao.queryUser(user);
		if( persistUser==null ) {
			throw new SecurityException("用户不存在");
		}
		//验证密码是否正确 
		String encryptPassword = passwordEncrypt.encrypt(user.getUserPassword());
		if( !encryptPassword.equals(persistUser.getUserPassword()) ){
			throw new SecurityException("密码有误");
		}
		return persistUser;
	}
	
	/**
	 * @param passwordEncrypt the passwordEncrypt to set
	 */
	public void setPasswordEncrypt(PasswordEncryptProvider passwordEncrypt) {
		this.passwordEncrypt = passwordEncrypt;
	}

}
